Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/twDha2nTFfUERGKPoKpZcWQ_YE0.roa
File: twDha2nTFfUERGKPoKpZcWQ_YE0.roa (raw, json)
Hash identifier: oaFCZx5OGlPSpabyvp4qkpRk/FWBxZkB38CFrkaPq3c=
Subject key identifier: B7:00:E1:6B:69:D3:15:F5:04:44:62:8F:A0:AA:59:71:64:3F:60:4D
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018B064D7FD523FAF4AB3D6B56F5257196AF
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/twDha2nTFfUERGKPoKpZcWQ_YE0.roa
Signing time: Fri 06 Oct 2023 18:43:44 +0000
ROA not before: Fri 06 Oct 2023 18:43:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Oct 2023 07:20:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:06:4d:7f:d5:23:fa:f4:ab:3d:6b:56:f5:25:71:96:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 6 18:43:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b700e16b69d315f50444628fa0aa5971643f604d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:10:f7:15:59:af:e6:54:b5:9b:73:ab:00:ac:
d1:0e:b7:5a:c9:20:a5:84:b0:7e:46:83:6c:0e:33:
33:68:2e:6f:89:17:10:f0:7d:3a:1f:f3:9f:39:aa:
fa:2c:9f:a6:57:85:9e:5e:78:8b:c2:81:14:74:09:
b1:ce:1d:68:20:3a:57:f7:a8:7c:76:85:86:83:03:
6a:d6:35:3d:c7:ab:8d:b3:32:44:63:64:df:9b:79:
74:26:cd:a8:ae:9f:3b:18:67:1c:f3:00:c8:cf:36:
07:07:e9:72:90:6f:d4:57:51:71:d3:96:f9:ca:f3:
4d:cb:a6:11:a4:0d:da:c6:5e:04:0d:3c:08:a2:f0:
2a:a0:71:1c:18:e0:07:32:5c:09:59:e6:6d:1e:3c:
05:35:fc:8b:b2:cc:5e:fa:ff:4f:d7:34:f3:3a:16:
7f:2c:6b:ee:ba:80:2b:cf:85:3e:16:8e:6b:e6:d7:
2a:79:54:a6:f3:a0:64:69:d5:4b:56:aa:bc:52:35:
52:1f:90:cf:13:17:8a:26:cf:12:21:46:b3:90:11:
21:66:bc:5a:19:30:f5:22:8f:78:b2:07:ca:47:bd:
2e:f2:ab:c5:36:6c:40:3d:3d:ba:de:78:e2:14:14:
5f:2a:d5:f4:1e:6c:f0:95:98:7e:11:bf:02:a7:a7:
ca:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:00:E1:6B:69:D3:15:F5:04:44:62:8F:A0:AA:59:71:64:3F:60:4D
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/twDha2nTFfUERGKPoKpZcWQ_YE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
Signature Algorithm: sha256WithRSAEncryption
8e:19:fd:13:2b:74:4d:af:96:5c:53:78:72:7f:16:0d:9a:ad:
25:de:09:4d:97:34:65:c4:d7:48:1b:6f:9f:22:7c:44:a7:cb:
0b:1e:7e:00:79:f8:e1:80:c1:be:89:2e:f4:f9:c3:dc:86:19:
87:b9:34:67:5b:1c:a6:7e:90:44:e8:01:c7:e6:3a:e5:10:87:
9b:81:33:c6:48:cb:3d:b6:ea:81:c3:86:7b:47:9f:ff:92:44:
e5:90:b5:c4:2e:53:c0:2b:a0:97:08:2a:96:50:b1:d0:19:0d:
d0:1e:cb:41:38:57:96:67:f9:0a:5f:c3:2c:37:e4:50:82:52:
1c:d4:81:b8:87:7b:e3:15:b9:71:17:1c:0e:d7:be:30:0f:b2:
94:12:b9:fd:8b:ee:9f:19:af:9b:18:08:ab:fa:2c:2d:3c:54:
3f:7c:82:3a:07:09:c0:53:92:59:7a:6f:6a:eb:52:a2:67:39:
81:38:98:23:a2:8c:2c:63:68:9e:39:21:b7:b7:4a:45:23:25:
5f:70:68:4e:6a:01:e3:3f:03:c5:4d:72:1d:b7:71:f0:ae:6a:
ea:97:5b:8c:c5:55:c3:89:38:c4:33:38:28:6d:e8:0b:3f:1e:
54:a5:02:40:d4:8b:64:eb:e5:0c:53:1c:4a:1b:5c:c4:a8:6e:
00:43:d1:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsGTX/VI/r0qz1rVvUlcZavMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMDA2MTg0MzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzAwZTE2YjY5ZDMxNWY1MDQ0NDYyOGZhMGFhNTk3MTY0M2Y2MDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhD3FVmv5lS1m3OrAKzRDrdaySCl
hLB+RoNsDjMzaC5viRcQ8H06H/OfOar6LJ+mV4WeXniLwoEUdAmxzh1oIDpX96h8
doWGgwNq1jU9x6uNszJEY2Tfm3l0Js2orp87GGcc8wDIzzYHB+lykG/UV1Fx05b5
yvNNy6YRpA3axl4EDTwIovAqoHEcGOAHMlwJWeZtHjwFNfyLssxe+v9P1zTzOhZ/
LGvuuoArz4U+Fo5r5tcqeVSm86BkadVLVqq8UjVSH5DPExeKJs8SIUazkBEhZrxa
GTD1Io94sgfKR70u8qvFNmxAPT263njiFBRfKtX0HmzwlZh+Eb8Cp6fKGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLcA4Wtp0xX1BERij6CqWXFkP2BNMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdHdEaGEyblRGZlVFUkdLUG9LcFpjV1FfWUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFBWZgMA0G
CSqGSIb3DQEBCwUAA4IBAQCOGf0TK3RNr5ZcU3hyfxYNmq0l3glNlzRlxNdIG2+f
InxEp8sLHn4AefjhgMG+iS70+cPchhmHuTRnWxymfpBE6AHH5jrlEIebgTPGSMs9
tuqBw4Z7R5//kkTlkLXELlPAK6CXCCqWULHQGQ3QHstBOFeWZ/kKX8MsN+RQglIc
1IG4h3vjFblxFxwO174wD7KUErn9i+6fGa+bGAir+iwtPFQ/fII6BwnAU5JZem9q
61KiZzmBOJgjoowsY2ieOSG3t0pFIyVfcGhOagHjPwPFTXIdt3Hwrmrql1uMxVXD
iTjEMzgobegLPx5UpQJA1Itk6+UMUxxKG1zEqG4AQ9H8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org